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AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listings of claims in the 
application: 

LISTING OF CLAIMS: 

1 . (original): An encrypted communication method characterized by comprising the 

steps of: 

a) causing a communication method resolution unit to determine on the basis of a domain 
name contained in one of a name resolution query transmitted from an application that 
communicates with a node apparatus connected to a network to resolve an IP address of the node 
apparatus and a name resolution response as a response to the name resolution query whether the 
node apparatus is an encrypted communication target node; 

b) causing an encrypted communication path setting unit to register the IP address of the 
node apparatus in an encrypted communication path setting table when the node apparatus is the 
encrypted communication target node; 

c) causing a name resolution query/response transmission/reception unit to transmit the 
IP address of the node apparatus contained in the name resolution response to the application; 

d) causing the application to transmit a data packet in which the IP address of the node 
apparatus is set as a destination address; and 

e) causing a data transmission/reception unit to receive the data packet transmitted from 
the application and, if a communication partner IP address set as the destination address of the 
data packet is registered in the encrypted communication path setting table, encrypt and transmit 
the data packet. 
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2. (original): An encrypted communication method according to claim 1, characterized 
in that processes of the step a, the step b, and the step c are executed by a name resolution proxy 
unit provided in a node apparatus in which the application operates. 

3. (original): An encrypted communication method according to claim 1, characterized 
in that a process of the step a is executed by a name resolution server, and processes of the step b 
and the step c are executed by a name resolution proxy unit provided in a node apparatus in 
which the application operates. 

4. (original): An encrypted communication method according to claim 1, characterized 
in that the communication method resolution unit determines whether the node apparatus is an 
encrypted communication target node by looking up a setting table in which at least part of the 
domain name of the encrypted communication target node is registered. 

5. (original): An encrypted communication method characterized by comprising the 
steps of: 

a) causing a communication method resolution unit to determine on the basis of a domain 
name contained in one of a name resolution query transmitted from an application on a client 
node to resolve an IP address of another node apparatus serving as a communication target of the 
application and a name resolution response as a response to the name resolution query whether 
said other node apparatus is an encrypted communication target node; 
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b) causing an encrypted communication path setting unit to register, in an encrypted 
communication path setting table, a correspondence between the IP address of said other node 
apparatus and an intercept address that is not used in any other communication session when said 
other node apparatus is the encrypted communication target node; 

c) causing a name resolution query/response transmission/reception unit to transmit, to 
the application as the name resolution response, an intercept address corresponding to the IP 
address of said other node apparatus contained in the name resolution response; 

d) causing the application to transmit a data packet in which the intercept address is set as 
a destination address; and 

e) causing a data transmission/reception unit to receive the data packet transmitted from 
the application, read out, from the encrypted communication path setting table, a communication 
partner IP address corresponding to the intercept address set as the destination address of the data 
packet, set the readout communication partner IP address as the destination address of the data 
packet, and encrypt and transmit the set data packet. 

6. (original): An encrypted communication method according to claim 5, characterized 
in that processes of the step a, the step b, and the step c are executed by a name resolution proxy 
unit provided in a communication encryption node apparatus having the data 
transmission/reception unit. 

7. (original): An encrypted communication method according to claim 5, characterized 
in that a process of the step a is executed by a name resolution server, and processes of the step b 
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and the step c are executed by a name resolution proxy unit provided in a communication 
encryption node apparatus having the data transmission/reception unit. 

8. (original): An encrypted communication method according to claim 5, characterized 
in that the communication method resolution unit determines whether said other node apparatus 
is an encrypted communication target node by looking up a setting table in which at least part of 
the domain name of the encrypted communication target node is registered. 

9. (original): A node apparatus characterized by comprising: 

an application that communicates with another node apparatus connected to a network; 

a data transmission/reception unit provided in a kernel unit; and 

a name resolution proxy unit which relays a name resolution query transmitted from said 
application to a name resolution server to resolve an IP address of said other node apparatus and 
a name resolution response as a response to the name resolution query, 

said data transmission/reception unit comprising 

an encrypted communication path setting table which holds a communication 

partner IP address, and 

a communication encryption unit which receives a data packet transmitted from 

said application and encrypts and transmits the data packet when a communication 

partner IP address set as the destination address of the data packet is registered in said 

encrypted communication path setting table, and 
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said name resolution proxy unit comprising an encrypted communication path setting unit 
which registers, in said encrypted communication path setting table, the IP address of said other 
node apparatus resolved by the name resolution response if it is determined on the basis of a 
domain name of said other node apparatus contained in one of the name resolution query and the 
name resolution response that said other node apparatus is an encrypted communication target 
node. 

10. (original): A node apparatus according to claim 9, characterized in that said 
encrypted communication path setting table holds a plurality of communication partner IP 
addresses. 

1 1 . (original): A node apparatus according to claim 9, characterized in that said name 
resolution proxy unit further comprises a communication method resolution unit which 
determines on the basis of the domain name of said other node apparatus whether said other node 
apparatus is the encrypted communication target node. 

12. (original): A node apparatus according to claim 11, characterized in that 

said encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address, 

said communication encryption unit reads out corresponding encrypted communication 
path setting information from said encrypted communication path setting table, encrypts the data 
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packet in accordance with the readout encrypted communication path setting information, and 
transmits the data packet when the communication partner IP address set as the destination 
address of the received data packet is registered in said encrypted communication path setting 
table, 

said name resolution proxy unit further comprises a setting table which holds a 
correspondence between a domain name condition to specify an encrypted communication target 
node and encrypted communication path setting information, 

said communication method resolution unit determines that said other node apparatus is 
the encrypted communication target node when the domain name of said other node apparatus 
matches any one of domain name conditions held in said setting table, and 

said encrypted communication path setting unit registers, in said encrypted 
communication path setting table, encrypted communication path setting information 
corresponding to the matched domain name condition in correspondence with the IP address of 
said other node apparatus. 

13. (original): A node apparatus according to claim 9, characterized in that said name 
resolution proxy unit further comprises a name resolution query/response transmission/reception 
unit which transmits, to the name resolution server, the name resolution query transmitted from 
said application to resolve the IP address of said other node apparatus, receives, from the name 
resolution server, the name resolution response containing a determination result indicating 
whether said other node apparatus is an encrypted communication target node and the IP address 



7 



AMENDMENT UNDER 37 C.F.R. §1.111 Attorney Docket No.: Q95944 

Application No.: 10/585,850 

of said other node apparatus, and transmits, to said application, the name resolution response 
containing the IP address of said other node apparatus contained in the name resolution response. 

14. (original): A node apparatus according to claim 13, characterized in that 
said encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address, 

said communication encryption unit reads out corresponding encrypted communication 
path setting information from said encrypted communication path setting table, encrypts the data 
packet in accordance with the readout encrypted communication path setting information, and 
transmits the data packet when the communication partner IP address set as the destination 
address of the received data packet is registered in said encrypted communication path setting 
table, 

said name resolution query/response transmission/reception unit receives, from the name 
resolution server, the name resolution response further containing encrypted communication path 
setting information in addition to the determination result and the IP address of said other node 
apparatus, and 

said encrypted communication path setting unit registers, in said encrypted 
communication path setting table, encrypted communication path setting information contained 
in the name resolution response in correspondence with the IP address of said other node 
apparatus. 
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15. (original): A node apparatus according to claim 11, characterized in that said 
communication method resolution unit determines whether said other node apparatus is an 
encrypted communication target node by looking up a setting table in which at least part of the 
domain name of the encrypted communication target node is registered. 

16. (original): A communication encryption node apparatus connected, through a 
network, to a client node apparatus in which an application that communicates with another node 
apparatus connected to the network operates, characterized by comprising: 

a data transmission/reception unit provided in a kernel unit; and 

a name resolution proxy unit which relays a name resolution query transmitted from the 

application to a name resolution server to resolve an IP address of said other node apparatus and 

a name resolution response as a response to the name resolution query, 
said data transmission/reception unit comprising 

an encrypted communication path setting table which holds a correspondence 
between a communication partner IP address and an intercept address, and 

a communication encryption unit which receives a data packet transmitted from 
the application, reads out, from said encrypted communication path setting table, a 
communication partner IP address corresponding to an intercept address set as a 
destination address of the data packet, sets the readout communication partner IP address 
as the destination address of the data packet, and encrypts and transmits the set data 
packet, and 

said name resolution proxy unit comprising 
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an encrypted communication path setting unit which registers, in said encrypted 
communication path setting table, a correspondence between the IP address of said other 
node apparatus resolved by the name resolution response and an intercept address that is 
not used in any other communication session if it is determined on the basis of a domain 
name of said other node apparatus contained in one of the name resolution query and the 
name resolution response that said other node apparatus is an encrypted communication 
target node, and 

a name resolution query/response transmission/reception unit which transmits, to 
the application as the name resolution response, the intercept address corresponding to 
the IP address of said other node apparatus contained in the name resolution response 
received from the name resolution server. 

17. (original): A communication encryption node apparatus according to claim 16, 
characterized in that said encrypted communication path setting table holds a plurality of 
correspondences between the communication partner IP address and the intercept address. 

18. (original): A communication encryption node apparatus according to claim 16, 
characterized in that said name resolution proxy unit further comprises a communication method 
resolution unit which determines on the basis of the domain name of said other node apparatus 
whether said other node apparatus is the encrypted communication target node. 
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19. (original): A communication encryption node apparatus according to claim 17, 
characterized in that 

said encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address and the intercept address, 

said communication encryption unit reads out, from said encrypted communication path 
setting table, encrypted communication path setting information and the communication partner 
IP address corresponding to the intercept address set as the destination address of the received 
data packet, encrypts the data packet having the readout communication partner IP address set as 
the destination address in accordance with the readout encrypted communication path setting 
information, and transmits the data packet, 

said name resolution proxy unit further comprises a setting table which holds a 
correspondence between a domain name condition to specify an encrypted communication target 
node and encrypted communication path setting information, 

said communication method resolution unit determines that said other node apparatus is 
the encrypted communication target node when the domain name of said other node apparatus 
matches any one of domain name conditions held in said setting table, and 

said encrypted communication path setting unit registers, in said encrypted 
communication path setting table, encrypted communication path setting information 
corresponding to the matched domain name condition in correspondence with the IP address of 
said other node apparatus and the intercept address. 
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20. (original): A communication encryption node apparatus according to claim 16, 
characterized in that said name resolution query/response transmission/reception unit transmits, 
to the name resolution server, the name resolution query transmitted from the application to 
resolve the IP address of said other node apparatus, receives, from the name resolution server, 
the name resolution response containing a determination result indicating whether said other 
node apparatus is an encrypted communication target node and the IP address of said other node 
apparatus, and replaces the IP address of said other node apparatus contained in the name 
resolution response with the intercept address and transmits the name resolution response to the 
application if it is determined that said other node apparatus is the encrypted communication 
target node. 

21 . (original): A communication encryption node apparatus according to claim 20, 
characterized in that 

said encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address and the intercept address, 

said communication encryption unit reads out, from said encrypted communication path 
setting table, encrypted communication path setting information and the communication partner 
IP address corresponding to the intercept address set as the destination address of the received 
data packet, encrypts the data packet having the readout communication partner IP address set as 
the destination address in accordance with the readout encrypted communication path setting 
information, and transmits the data packet, 
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said name resolution query/response transmission/reception unit receives, from the name 
resolution server, the name resolution response further containing encrypted communication path 
setting information in addition to the determination result and the IP address of said other node 
apparatus, and 

said encrypted communication path setting unit registers, in said encrypted 
communication path setting table, encrypted communication path setting information contained 
in the name resolution response in correspondence with the IP address of said other node 
apparatus and the intercept address. 

22. (original): A communication encryption node apparatus according to claim 18, 
characterized in that said communication method resolution unit determines whether said other 
node apparatus is an encrypted communication target node by looking up a setting table in which 
at least part of the domain name of the encrypted communication target node is registered. 

23. (original): An encrypted communication system characterized by comprising: 

a node apparatus in which an application that communicates with another node apparatus 
connected to a network operates; and 

a name resolution server which resolves an IP address of each of said node apparatuses, 

said node apparatus comprising 

a data transmission/reception unit provided in a kernel unit, and 

a name resolution proxy unit which relays a name resolution query transmitted 

from the application to said name resolution server to resolve the IP address of said other 
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node apparatus and a name resolution response as a response to the name resolution 
query, 

said data transmission/reception unit comprising 

an encrypted communication path setting table which holds a communication 
partner IP address, and 

a communication encryption unit which receives a data packet transmitted from 
the application and encrypts and transmits the data packet when a communication partner 
IP address set as the destination address of the data packet is registered in said encrypted 
communication path setting table, 

said name resolution server comprising a communication method resolution unit which 
determines on the basis of a domain name of said other node apparatus contained in one of the 
name resolution query and the name resolution response whether said other node apparatus is an 
encrypted communication target node, and 

said name resolution proxy unit comprising an encrypted communication path setting unit 
which registers, in said encrypted communication path setting table, the IP address of said other 
node apparatus resolved by the name resolution response if said other node apparatus is an 
encrypted communication target node. 

24. (original): An encrypted communication system according to claim 23, characterized 
in that said encrypted communication path setting table holds a plurality of communication 
partner IP addresses. 
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25. (original): An encrypted communication system according to claim 23, characterized 

in that 

said encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address, 

said communication encryption unit reads out corresponding encrypted communication 
path setting information from said encrypted communication path setting table, encrypts the data 
packet in accordance with the readout encrypted communication path setting information, and 
transmits the data packet when the communication partner IP address set as the destination 
address of the received data packet is registered in said encrypted communication path setting 
table, 

said name resolution server comprises 

a setting table which holds a correspondence between a domain name condition to 
specify an encrypted communication target node and encrypted communication path 
setting information, 

means, serving as said communication method resolution unit, for determining 
whether the domain name of said other node apparatus matches any one of domain name 
conditions held in said setting table, and 

a name resolution query/response transmission/reception unit which adds 
encrypted communication path setting information corresponding to the matched domain 
name condition to the name resolution response and transmits the name resolution 
response, and 
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said encrypted communication path setting unit registers the encrypted communication 
path setting information in said encrypted communication path setting table in correspondence 
with the IP address of said other node apparatus upon receiving the name resolution response 
added the encrypted communication path setting information from said name resolution server. 

26. (original): An encrypted communication system according to claim 23, characterized 
in that said communication method resolution unit determines whether said other node apparatus 
is an encrypted communication target node by looking up a setting table in which at least part of 
the domain name of the encrypted communication target node is registered. 

27. (original): An encrypted communication system characterized by comprising: 

a client node apparatus in which an application that communicates with another node 
apparatus connected to a network operates; 

a communication encryption node apparatus connected to said client node apparatus 
through the network; and 

a name resolution server which resolves an IP address of each of said node apparatuses, 

said communication encryption node apparatus comprising 

a data transmission/reception unit provided in a kernel unit, and 

a name resolution proxy unit which relays a name resolution query transmitted 

from the application to said name resolution server to resolve the IP address of said other 

node apparatus and a name resolution response as a response to the name resolution 

query, 
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said data transmission/reception unit comprising 

an encrypted communication path setting table which holds a correspondence 
between a communication partner IP address and an intercept address, and 

a communication encryption unit which receives a data packet transmitted from 
the application, reads out, from said encrypted communication path setting table, a 
communication partner IP address corresponding to an intercept address set as a 
destination address of the data packet, sets the readout communication partner IP address 
as the destination address of the data packet, and encrypts and transmits the set data 
packet, 

said name resolution server comprising a communication method resolution unit which 
determines on the basis of a domain name of said other node apparatus contained in one of the 
name resolution query and the name resolution response whether said other node apparatus is an 
encrypted communication target node, and 

said name resolution proxy unit comprising 

an encrypted communication path setting unit which registers, in said encrypted 

communication path setting table, a correspondence between the IP address of said other 

node apparatus resolved by the name resolution response and an intercept address that is 

not used in any other communication session if said other node apparatus is an encrypted 

communication target node, and 

a name resolution query/response transmission/reception unit which transmits, to 

the application as the name resolution response, the intercept address corresponding to 
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the IP address of said other node apparatus contained in the name resolution response 
received from the name resolution server. 

28. (original): An encrypted communication system according to claim 27, characterized 
in that said encrypted communication path setting table holds a plurality of correspondences 
between the communication partner IP address and the intercept address. 

29. (original): An encrypted communication system according to claim 27, characterized 

in that 

said encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a cornmunication partner in 
correspondence with the communication partner IP address and the intercept address, 

said communication encryption unit reads out, from said encrypted communication path 
setting table, encrypted communication path setting information and the communication partner 
IP address corresponding to the intercept address set as the destination address of the received 
data packet, encrypts the data packet having the readout communication partner IP address set as 
the destination address in accordance with the readout encrypted communication path setting 
information, and transmits the data packet, 

said name resolution server comprises 

a setting table which holds a correspondence between a domain name condition to 

specify an encrypted communication target node and encrypted communication path 

setting information, 
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means, serving as said communication method resolution unit, for determining 
whether the domain name of said other node apparatus matches any one of domain name 
conditions held in said setting table, and 

a name resolution query/response transmission/reception unit which adds 
encrypted communication path setting information corresponding to the matched domain 
name condition to the name resolution response and transmits the name resolution 
response, and 

said encrypted communication path setting unit registers the encrypted communication 
path setting information in said encrypted communication path setting table in correspondence 
with the IP address of said other node apparatus and the intercept address upon receiving the 
name resolution response added the encrypted communication path setting information from said 
name resolution server. 

30. (original): An encrypted communication system according to claim 27, characterized 
in that said communication method resolution unit determines whether said other node apparatus 
is an encrypted communication target node by looking up a setting table in which at least part of 
the domain name of the encrypted communication target node is registered. 

31. (currently amended): A computer-readable medium having stored thereon a p rogram 
which enables e auses-a computer included in a node apparent the node apparatus having i n 
which an application operates therein which t hat^ornmunicates with another node apparatus 
connected to a network operates, , to function asi 
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communication encryption means provided in a data transmission/reception unit of a 
kernel unit, and name resolution proxy means for relaying a name resolution query transmitted 
from the application to a name resolution server to resolve an IP address of said other node 
apparatus and a name resolution response as a response to the name resolution query, 
characterized in that 

the program enables said communication encryption means to receive rec e ives a data 
packet transmitted from the application and encrypt e ncrypts and transmit transmits the data 
packet when a communication partner IP address set as the destination address of the data packet 
is registered in an encrypted communication path setting table that holds a communication 
partner IP address, and 

the program enables an encrypted communication path setting means, of said name 
resolution proxy meanSi to register compris e s encrypted communication path setting means for 
registering , in the encrypted communication path setting table, the IP address of said other node 
apparatus resolved by the name resolution response if it is determined on the basis of a domain 
name of said other node apparatus contained in one of the name resolution query and the name 
resolution response that said other node apparatus is an encrypted communication target node. 

32. (currently amended): A computer-readable medium p rogram according to claim 31, 
characterized in that the encrypted communication path setting table holds a plurality of 
communication partner IP addresses. 
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33. (currently amended): A computer-readable medium p rogram according to claim 31, 
characterized in that the program further enables a communication method resolution means, of 
said name resolution proxy means i to determine, further comprise communication method 
resolution means for determining on the basis of the domain name of said other node apparatus;, 
whether said other node apparatus is an encrypted communication target node. 

34. (currently amended): A computer-readable medium program according to claim 33, 
characterized in that 

the encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address, 

the program further enables said communication encryption means reads -to read out 
corresponding encrypted communication path setting information from said encrypted 
communication path setting table, encrypts encrypt the data packet in accordance with the 
readout encrypted communication path setting information, and transmits transmit t he data 
packet when the communication partner IP address set as the destination address of the received 
data packet is registered in said encrypted communication path setting table, 

the program further enables said communication method resolution means det e rmines to 
determine that said other node apparatus is an encrypted communication target node when the 
domain name of said other node apparatus matches any one of domain name conditions held in a 
setting table that holds a correspondence between a domain name condition to specify an 
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encrypted communication target node and encrypted communication path setting information, 
and 

the program further enables said encrypted communication path setting means regist e rs to 
register , in the encrypted communication path setting table, encrypted communication path 
setting information corresponding to the matched domain name condition in correspondence 
with the IP address of said other node apparatus. 

35. (currently amended): A program computer-readable medium according to claim 31, 
characterized in that the program further enables a name resolution query/response 
transmission/reception means, of said name resolution proxy means., further compris e s name 
resolution query/response transmission/r e c e ption means for transmitting t o transmit , to the name 
resolution server, the name resolution query transmitted from the application to resolve the IP 
address of said other node apparatus, receiving reeeive , from the name resolution server, the 
name resolution response containing a determination result indicating whether said other node 
apparatus is an encrypted communication target node and the IP address of said other node 
apparatus, and transmitting transmit , to the application, the name resolution response containing 
the IP address of said other node apparatus contained in the name resolution response. 

36. (currently amended): A computer-readable medium p rogram according to claim 35, 
characterized in that 



22 



AMENDMENT UNDER 37 C.F.R. §1.111 Attorney Docket No. : Q95944 

Application No.: 10/585,850 

the encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address, 

the program further enables said communication encryption means reads -to read out 
corresponding encrypted communication path setting information from the encrypted 
communication path setting table, e ncrypts encrypt the data packet in accordance with the 
readout encrypted communication path setting information, and transmits transmit the data 
packet when the communication partner IP address set as the destination address of the received 
data packet is registered in the encrypted communication path setting table, 

the program further enables said name resolution query/response transmission/reception 
means receives to receive , from the name resolution server, the name resolution response further 
containing encrypted communication path setting information in addition to the determination 
result and the IP address of said other node apparatus, and 

the program further enables said encrypted communication path setting means registers to 
register , in the encrypted communication path setting table, encrypted communication path 
setting information contained in the name resolution response in correspondence with the IP 
address of said other node apparatus. 

37. (currently amended): A program c omputer-readable medium according to claim 33, 
characterized in that the program further enables said communication method resolution means 
determines to determine whether said other node apparatus is an encrypted communication target 
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node by looking up a setting table in which at least part of the domain name of the encrypted 
communication target node is registered. 

38. (currently amended): A computer-readable medium having stored thereon a p rogram 
which causes enables a computer included in a communication encryption node apparatus 
connected, through a network, to a client node apparatus in which h aving an application that 
operates therein and communicates with another node apparatus connected to the network 
operates ., to function asi 

communication encryption means provided in a data transmission/reception unit of a 
kernel unit, and name resolution proxy means for relaying a name resolution query transmitted 
from the application to a name resolution server to resolve an IP address of said other node 
apparatus and a name resolution response as a response to the name resolution query, 
characterized in that 

the program further enables said communication encryption means to receive receives a 
data packet transmitted from the application, read reads-out, from an encrypted communication 
path setting table that holds a correspondence between a communication partner IP address and 
an intercept address, a communication partner IP address corresponding to an intercept address 
set as a destination address of the data packet, sets-set the readout communication partner IP 
address as the destination address of the data packet, and encrypts encrypt and transmits transmit 
the set data packet, and 

said name resolution proxy means comprises 
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the program further enables an encrypted communication path setting means of said name 
resolution proxy means for registerin g to register, in the encrypted communication path setting 
table, a correspondence between the IP address of said other node apparatus resolved by the 
name resolution response and an intercept address that is not used in any other communication 
session if it is determined on the basis of a domain name of said other node apparatus contained 
in one of the name resolution query and the name resolution response that said other node 
apparatus is an encrypted communication target node, and 

the program further enables a name resolution query/response transmission/reception 
means , of said name resolution proxy means, to transmit for transmitting , to the application as 
the name resolution response, the intercept address corresponding to the IP address of said other 
node apparatus contained in the name resolution response received from the name resolution 
server. 

39. (currently amended): A program computer-readable medium according to claim 38, 
characterized in that the encrypted communication path setting table holds a plurality of 
correspondences between the communication partner IP address and the intercept address. 

40. (currently amended): A program computer readable medium according to claim 38, 
characterized in that the program further enables said name resolution proxy means further 
comprises communication method resolution means of said name resolution proxy means, to 
determine for determining on the basis of the domain name of said other node apparatus whether 
said other node apparatus is the encrypted communication target node. 
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41 . (currently amended): A computer-readable medium program according to claim 40, 
characterized in that 

the encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address and the intercept address, 

the program further enables said communication encryption means reads -to read out, 
from the encrypted communication path setting table, encrypted communication path setting 
information and the communication partner IP address corresponding to the intercept address set 
as the destination address of the received data packet, encrypts encrypt t he data packet having the 
readout communication partner IP address set as the destination address in accordance with the 
readout encrypted communication path setting information, and transmits transmit the data 
packet, 

the program further enables said communication method resolution means determines to 
determine that said other node apparatus is an encrypted communication target node when the 
domain name of said other node apparatus matches any one of domain name conditions held in a 
setting table that holds a correspondence between a domain name condition to specify an 
encrypted communication target node and encrypted communication path setting information, 
and 

the program further enables said encrypted communication path setting means registers to 
register , in the encrypted communication path setting table, encrypted communication path 
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setting information corresponding to the matched domain name condition in correspondence 
with the IP address of said other node apparatus and the intercept address. 

42. (currently amended): A program computer-readable medium according to claim 38, 
characterized in that the program further enables said name resolution query/response 
transmission/reception means transmits to transmit , to the name resolution server, the name 
resolution query transmitted from the application to resolve the IP address of said other node 
apparatus, receives receive , from the name resolution server, the name resolution response 
containing a determination result indicating whether said other node apparatus is an encrypted 
communication target node and the IP address of said other node apparatus, and replaces replace 
the IP address of said other node apparatus contained in the name resolution response with the 
intercept address and transmits t ransmit the name resolution response to the application if it is 
determined that said other node apparatus is the encrypted communication target node. 

43. (currently amended): A program computer-readable medium according to claim 42, 
characterized in that 

the encrypted communication path setting table holds encrypted communication path 
setting information to be used for communication with a communication partner in 
correspondence with the communication partner IP address and the intercept address, 

the program further enables said communication encryption means reads -to read out, 
from the encrypted communication path setting table, encrypted communication path setting 
information and the communication partner IP address corresponding to the intercept address set 
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as the destination address of the received data packet, encrypts encrypt t he data packet having the 
readout communication partner IP address set as the destination address in accordance with the 
readout encrypted communication path setting information, and transmits transmit t he data 
packet, 

the program further enables said name resolution query/response transmission/reception 
means receives to receive , from the name resolution server, the name resolution response further 
containing encrypted communication path setting information in addition to the determination 
result and the IP address of said other node apparatus, and 

the program further enables said encrypted communication path setting means regist e rs to 
register , in the encrypted communication path setting table, encrypted communication path 
setting information contained in the name resolution response in correspondence with the IP 
address of said other node apparatus and the intercept address. 

44. (currently amended): A program computer-readable medium according to claim 40, 
characterized in that the program further enables said communication method resolution means 
determines to determine whether said other node apparatus is an encrypted communication target 
node by looking up a setting table in which at least part of the domain name of the encrypted 
communication target node is registered. 
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